diff options
| author | Ryuta Kamizono <kamipo@gmail.com> | 2019-03-18 05:31:44 +0900 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-03-18 05:31:44 +0900 |
| commit | 7971fc4b49979a8d1ded09e311c5c09a09af5b93 (patch) | |
| tree | 9dfc6c0fdbc913bd2e373ed0283b1cb4b185f2fa /actionpack | |
| parent | 98e380f02452ee2597d122c76fd6b3a802f73333 (diff) | |
| parent | f80871fe6057d82fa218500e615a899245371071 (diff) | |
| download | rails-7971fc4b49979a8d1ded09e311c5c09a09af5b93.tar.gz rails-7971fc4b49979a8d1ded09e311c5c09a09af5b93.tar.bz2 rails-7971fc4b49979a8d1ded09e311c5c09a09af5b93.zip | |
Merge pull request #35654 from t-richards/bugfix/referrer-policy-error
Fix invalid suggestion in null origin error message
Diffstat (limited to 'actionpack')
| -rw-r--r-- | actionpack/lib/action_controller/metal/request_forgery_protection.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/actionpack/lib/action_controller/metal/request_forgery_protection.rb b/actionpack/lib/action_controller/metal/request_forgery_protection.rb index cb109c6ad8..4bf8d90b69 100644 --- a/actionpack/lib/action_controller/metal/request_forgery_protection.rb +++ b/actionpack/lib/action_controller/metal/request_forgery_protection.rb @@ -431,7 +431,7 @@ module ActionController #:nodoc: The browser returned a 'null' origin for a request with origin-based forgery protection turned on. This usually means you have the 'no-referrer' Referrer-Policy header enabled, or that the request came from a site that refused to give its origin. This makes it impossible for Rails to verify the source of the requests. Likely the - best solution is to change your referrer policy to something less strict like same-origin or strict-same-origin. + best solution is to change your referrer policy to something less strict like same-origin or strict-origin. If you cannot change the referrer policy, you can disable origin checking with the Rails.application.config.action_controller.forgery_protection_origin_check setting. MSG |